My client is looking for an Information Security Manager in their Bristol office. Reporting to the Risk Director, you will be responsible for continuing the enhancement and implementation of information security and data processing policies and standards across the firm and, in particular, auditing and maintaining our ISO27001 processes and accreditation.
Role: Information Security Manager/Officer
Salary: £40,000 - £45,000
Location: Bristol - Relocation accepted
·Acting as the central point of contact with regards to information security as well as chairing the Information Security forum.
·Ensuring continued compliance against BS ISO/IEC 27001, 20000 and 9001 certifications, including planning and coordinating regular external surveillance and re-certification audits.
·Progressing and closing external audit non-conformities. Plan and implement extensions to the scope of these certifications where TLT changes its scope of operations.
·Monitoring and managing the day-to-day information security management system (ISMS).
·Plan, manage and undertake internal and third-party audits on IT governance, information security and controls.
·Look at physical security aspects.
·Proven experience of having managed an information security management system (ISMS) and maintaining ISO27001 certification in a multi-site operation.
·Solid understanding of IT and experience in developing IT governance, controls and best practice processes in the form of ITIL and IT service management certification (BS ISO/IEC 20000).
·Considerable experience in undertaking a range of internal and third-party audits around information security, data protection and IT governance and controls.
·Experience in developing physical security best practice processes and controls.
·Very good understanding of the principles of risk assessment and risk treatment, including operational risk as well as compliance monitoring and reporting.